http://www.forbes.com/sites/richardstiennon/
Richard Stiennon - Cyber Domain - ForbesRichard Stiennon's stories. Cyber Domain: I write about the IT security industry.Copyright 2015 Forbes LLChttp://0.gravatar.com/avatar/4b2f6f27c44a52e6a23ef6cc60fbc9fa?s=400&amp;d=http%3A%2F%2F0.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D400&amp;r=Ghttp://www.forbes.com/sites/richardstiennon/2015/07/27/fixing-the-pentagon-part-i/
Fixing The Pentagon. Part I “What has been is what will be, and what has been done is what will be done, and there is nothing new under the sun.” -Koheleth Now that the latest, greatest, most expensive, fighter jet is coming online the critics are piling on. It’s too slow! It [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55b6a36be4b0dee0682052c4Mon, 27 Jul 2015 18:10:00 -04002015-07-27T18:10:00-04:00 “What has been is what will be, and what has been done is what will be done, and there is nothing new under the sun.” -Koheleth Now that the latest, greatest, most expensive, fighter jet is coming online the critics are piling on. It’s too slow! It [...]http://www.forbes.com/sites/richardstiennon/2015/07/23/think-about-it-a-thought-experiment-that-may-save-your-career/
Think About It: A Thought Experiment That May Save Your CareerSometimes it helps motivate action to perform a thought experiment. After the horrifying breach of OPM many agency heads are probably thinking “how can I ensure I never have to face a grilling by Congress for a failure to protect critical data?” That is the thought that is prevalent today [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55b13f0ae4b0dee068203fefThu, 23 Jul 2015 15:39:00 -04002015-07-23T15:39:00-04:00Sometimes it helps motivate action to perform a thought experiment. After the horrifying breach of OPM many agency heads are probably thinking “how can I ensure I never have to face a grilling by Congress for a failure to protect critical data?” That is the thought that is prevalent today [...]http://www.forbes.com/sites/richardstiennon/2015/07/22/ghost-fleet-required-summer-reading/
Ghost Fleet: Required Summer ReadingWhen two experts on modern warfare get together to write fiction I get in line to read it. Peter Singer’s Wired For War, which tracks the rise of drones and robots for war fighting, was a primary resource for me as I attended classes at King’s College. In all of [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55afa0d8e4b0dee0682035c0Wed, 22 Jul 2015 10:09:00 -04002015-07-22T10:09:00-04:00When two experts on modern warfare get together to write fiction I get in line to read it. Peter Singer’s Wired For War, which tracks the rise of drones and robots for war fighting, was a primary resource for me as I attended classes at King’s College. In all of [...]http://www.forbes.com/sites/richardstiennon/2015/07/21/five-reasons-intel-should-spin-off-mcafee/
Five Reasons Intel Should Spin Off McAfeeIn August of 2010 Intel announced one of the most ill-advised acquisitions in IT security industry history. Intel went on to pay $7.68 billion for McAfee. At the time I was one of many who was critical of the acquisition(Intel Should Not Consummate McAfee Deal.) While Wall Street was enamored [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55ae5c3ce4b0dee068202fd6Tue, 21 Jul 2015 12:30:00 -04002015-07-21T12:30:00-04:00In August of 2010 Intel announced one of the most ill-advised acquisitions in IT security industry history. Intel went on to pay $7.68 billion for McAfee. At the time I was one of many who was critical of the acquisition(Intel Should Not Consummate McAfee Deal.) While Wall Street was enamored [...]http://www.forbes.com/sites/richardstiennon/2015/07/20/how-power-point-kicked-off-rma/
How PowerPoint Kicked Off A Revolution In Military AffairsThe following story is excerpted from There Will Be Cyberwar: How the Move to Network-Centric War Fighting Set the Stage for Cyberwar: The history of China and Taiwan is short, consistent, and unresolvd. When Mao Zedong finally won the Communist revolution against the Chinese Nationalists in 1949, Chiang Kai-Shek fled with [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55aa830de4b0dee068202468Mon, 20 Jul 2015 08:40:00 -04002015-07-20T08:40:00-04:00The following story is excerpted from There Will Be Cyberwar: How the Move to Network-Centric War Fighting Set the Stage for Cyberwar: The history of China and Taiwan is short, consistent, and unresolvd. When Mao Zedong finally won the Communist revolution against the Chinese Nationalists in 1949, Chiang Kai-Shek fled with [...]http://www.forbes.com/sites/richardstiennon/2015/07/17/drastic-times-call-for-drastic-measures-in-cybersecurity/
Drastic Times Call For Drastic Measures In CybersecurityI see the White House has published a compilation of its accomplishments in the realm of cybersecurity. The timing of this self congratulatory piece is obviously tied to the embarrassment of the Federal government for the devastating loss of background information on 21.5 million federal employees, contractors, and even job [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55a955ace4b0dee0682021b3Fri, 17 Jul 2015 15:49:00 -04002015-07-17T15:49:00-04:00I see the White House has published a compilation of its accomplishments in the realm of cybersecurity. The timing of this self congratulatory piece is obviously tied to the embarrassment of the Federal government for the devastating loss of background information on 21.5 million federal employees, contractors, and even job [...]http://www.forbes.com/sites/richardstiennon/2015/07/15/a-deficit-in-security-spending-has-led-to-a-massive-security-debt/
A Deficit In Security Spending Has Led To A Massive Security DebtEvery IT department has struggled for years to justify spending on security. Various models have been used with more or less effect to encourage upper management to open the coffers. Return on Security Investment models attempt to quantify the money saved from preventing future breaches. The factors cited include: cost [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/55a6d465e4b0dee068201817Wed, 15 Jul 2015 18:14:00 -04002015-07-15T18:14:00-04:00Every IT department has struggled for years to justify spending on security. Various models have been used with more or less effect to encourage upper management to open the coffers. Return on Security Investment models attempt to quantify the money saved from preventing future breaches. The factors cited include: cost [...]http://www.forbes.com/sites/richardstiennon/2014/10/01/data-leak-prevention-has-a-new-challange-introducing-through-glass-transfer/
Data Leak Prevention Has A New Challenge: Introducing Through Glass TransferVideoYesterday at the COSAC 21st International Computer Security Symposium and SABSA World Congress in Naas, Ireland, a researcher demonstrated a protocol he had devised that automates the transfer of data from any display to devices like smart phones. COSAC is one of the longest running computer security conferences. This year it [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/542bbca1e4b0563af2c48513Wed, 1 Oct 2014 04:40:00 -04002014-10-01T04:40:00-04:00VideoYesterday at the COSAC 21st International Computer Security Symposium and SABSA World Congress in Naas, Ireland, a researcher demonstrated a protocol he had devised that automates the transfer of data from any display to devices like smart phones. COSAC is one of the longest running computer security conferences. This year it [...]http://www.forbes.com/sites/richardstiennon/2014/09/25/shellshock-bug-in-bourne-shell-could-spawn-worm/
ShellShock Bug In Bash Could Spawn WormFirst posted at securitycurrent By now you have heard about a new bug in one of the most popular Unix shell programs, the Bourne-again Shell, or bash. If you run Mac OSX you probably have used bash, it is the default terminal app. Shellshock is a “bug” in the way Heartbleed [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/54247124e4b03b61661ec19aThu, 25 Sep 2014 15:52:00 -04002014-09-25T15:52:00-04:00First posted at securitycurrent By now you have heard about a new bug in one of the most popular Unix shell programs, the Bourne-again Shell, or bash. If you run Mac OSX you probably have used bash, it is the default terminal app. Shellshock is a “bug” in the way Heartbleed [...]http://www.forbes.com/sites/richardstiennon/2014/09/03/security-never-sleeps-especially-on-three-day-weekends/
Security Never Sleeps, Especially On Three Day WeekendsAs summer is drawing to an end many IT security professionals are returning to their desks after vacations and trips to drop freshmen off at their new schools. A quick check of emails, Twitter, Facebook, and news sites will reveal that insecurity never sleeps nor vacations. A quick recap: Celebrity Photo Leaks. There [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/54073275e4b0bb45818b88a5Wed, 3 Sep 2014 11:30:00 -04002014-09-03T11:30:00-04:00As summer is drawing to an end many IT security professionals are returning to their desks after vacations and trips to drop freshmen off at their new schools. A quick check of emails, Twitter, Facebook, and news sites will reveal that insecurity never sleeps nor vacations. A quick recap: Celebrity Photo Leaks. There [...]http://www.forbes.com/sites/richardstiennon/2014/08/20/how-pivots-are-creating-the-new-crop-of-fast-growing-it-security-vendors/
How Pivots Are Creating The New Crop Of Fast Growing IT Security VendorsIn decades past the trajectory of new enterprise security vendors was easy to project. There was the early development phase which, after 12-18 months, would transition to beta customer acquisition which invariably included Bank of America and Morgan Stanley. Then would come the launch and a 2-3 year period of [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53f4ad91e4b0bb45818b3c9bWed, 20 Aug 2014 10:22:00 -04002014-08-20T10:22:00-04:00In decades past the trajectory of new enterprise security vendors was easy to project. There was the early development phase which, after 12-18 months, would transition to beta customer acquisition which invariably included Bank of America and Morgan Stanley. Then would come the launch and a 2-3 year period of [...]http://www.forbes.com/sites/richardstiennon/2014/07/03/is-there-a-second-nsa-leaker/
Is There A Second NSA Leaker?As published on securitycurrent. This morning a partial analysis of the NSA’s XKEYSCORE code was published in Germany. Jacob Applebaum, an evangelist for Tor, was one of the authors. The report details specific rules written for one of the NSA’s data collection tools, XKEYSCORE, which collects the IP addresses of Tor bridges, [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53b5b4e8e4b0ea12adfd08edThu, 3 Jul 2014 15:57:00 -04002014-07-03T15:57:00-04:00As published on securitycurrent. This morning a partial analysis of the NSA’s XKEYSCORE code was published in Germany. Jacob Applebaum, an evangelist for Tor, was one of the authors. The report details specific rules written for one of the NSA’s data collection tools, XKEYSCORE, which collects the IP addresses of Tor bridges, [...]http://www.forbes.com/sites/richardstiennon/2014/07/01/is-general-alexander-worth-30k-a-day/
Is General Alexander Worth $30K A Day?First posted at securitycurrent.com &nbsp; Congressman Alan Grayson made waves last week when he sent letters to the Securities Industry and Financial Markets Association(SIFMA), the Consumer Bankers Association, and the Financial Services Roundtable assailing former head of the NSA, Keith Alexander. In each letter Grayson cited a Bloomberg article that revealed [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53b359f4e4b0ea12adfcfc5cTue, 1 Jul 2014 21:06:00 -04002014-07-01T21:06:00-04:00First posted at securitycurrent.com &nbsp; Congressman Alan Grayson made waves last week when he sent letters to the Securities Industry and Financial Markets Association(SIFMA), the Consumer Bankers Association, and the Financial Services Roundtable assailing former head of the NSA, Keith Alexander. In each letter Grayson cited a Bloomberg article that revealed [...]http://www.forbes.com/sites/richardstiennon/2014/05/26/security-industry-fights-surveillance-state-with-words/
Security Industry Fights Surveillance State with WordsAs posted originally on securitycurrent. Full disclosure per Forbes policy: All of the vendors mentioned in this post have been my clients for strategic advisory services during the last ten years. &nbsp; Cisco’s General Counsel Mark Chandler on May 13 reacted strongly to further news of NSA exploiting Cisco gear, sparked in part [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53838e3ce4b08357292021a9Mon, 26 May 2014 15:08:00 -04002014-05-26T15:08:00-04:00As posted originally on securitycurrent. Full disclosure per Forbes policy: All of the vendors mentioned in this post have been my clients for strategic advisory services during the last ten years. &nbsp; Cisco’s General Counsel Mark Chandler on May 13 reacted strongly to further news of NSA exploiting Cisco gear, sparked in part [...]http://www.forbes.com/sites/richardstiennon/2014/05/20/sandbox-vendors-ignore-microsoft-license-agreements/
Sandbox Vendors Ignore Microsoft License AgreementsAn examination of Microsoft’s Customer License Agreement (CLA) for embedded systems indicates that there is no provision for a vendor to ship appliances with multiple virtual instances of Windows, or its popular Office productivity suite. In fact, shipping Windows in a virtualized environment is expressly prohibited. From the CLA: (2b3) [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/537b70ede4b083572920029fTue, 20 May 2014 11:25:00 -04002014-05-20T11:25:00-04:00An examination of Microsoft’s Customer License Agreement (CLA) for embedded systems indicates that there is no provision for a vendor to ship appliances with multiple virtual instances of Windows, or its popular Office productivity suite. In fact, shipping Windows in a virtualized environment is expressly prohibited. From the CLA: (2b3) [...]http://www.forbes.com/sites/richardstiennon/2014/05/03/going-back-to-cyber-school/
Going Back To (Cyber) SchoolAcademia is acquiring an interest in cyber education on many fronts. Not likely to crank out cyber warriors at anywhere close to the rate needed to meet current demand, they are nonetheless anxious to participate in a real trend. De Montfort University’s Cyber Security Centre in Leicester, England offers undergrad, graduate, [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/5364e033e4b096c8271ee473Sat, 3 May 2014 08:28:00 -04002014-05-03T08:28:00-04:00Academia is acquiring an interest in cyber education on many fronts. Not likely to crank out cyber warriors at anywhere close to the rate needed to meet current demand, they are nonetheless anxious to participate in a real trend. De Montfort University’s Cyber Security Centre in Leicester, England offers undergrad, graduate, [...]http://www.forbes.com/sites/richardstiennon/2014/04/18/firewall-policy-management-evolves-to-security-policy-orchestration/
Firewall Policy Management Evolves To Security Policy OrchestrationVideoThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. As networks have grown and network security device deployments have skyrocketed, it has become much more [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53512efbe4b0677d2d9a7d67Fri, 18 Apr 2014 10:01:00 -04002014-04-18T10:01:00-04:00VideoThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. As networks have grown and network security device deployments have skyrocketed, it has become much more [...]http://www.forbes.com/sites/richardstiennon/2014/04/16/was-the-heartbleed-bug-disclosed-responsibly/
Was The Heartbleed Bug Disclosed Responsibly?Responsible disclosure is a burning issue it the world of software and security. If a security flaw is discovered by a researcher (sometimes called a hacker) what are the responsible actions the discoverer should take? There was a time when many security flaws were just published willy-nilly to a mail [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/534f0f50e4b0677d2d9a743fWed, 16 Apr 2014 19:20:00 -04002014-04-16T19:20:00-04:00Responsible disclosure is a burning issue it the world of software and security. If a security flaw is discovered by a researcher (sometimes called a hacker) what are the responsible actions the discoverer should take? There was a time when many security flaws were just published willy-nilly to a mail [...]http://www.forbes.com/sites/richardstiennon/2014/04/07/20-cyber-policy-experts-to-follow-on-twitter/
20 Cyber Policy Experts To Follow On TwitterThis column first appeared at securitycurrent.com. The emerging field of cyber policy is attracting government, academic, and technology experts. Here is a list of cyber policy experts from around the world who are well worth following on Twitter. You can follow them individually or read their posts on this Twitter list [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53429ac4e4b01aa27ac96350Mon, 7 Apr 2014 08:41:00 -04002014-04-07T08:41:00-04:00This column first appeared at securitycurrent.com. The emerging field of cyber policy is attracting government, academic, and technology experts. Here is a list of cyber policy experts from around the world who are well worth following on Twitter. You can follow them individually or read their posts on this Twitter list [...]http://www.forbes.com/sites/richardstiennon/2014/04/07/600/
Where Are The US Tech Heroes?This column first appeared in securitycurrent.com It has been three months since the world learned that the NSA’s Signals Intelligence Directorate, through its Tailored Access Operations (TAO) has been deploying backdoors in Cisco, Juniper, Huawei, Dell, and several hard drive manufacturer’s gear. The response from them so far? Weak protestations that [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/534299c4e4b01aa27ac96349Mon, 7 Apr 2014 08:31:00 -04002014-04-07T08:31:00-04:00This column first appeared in securitycurrent.com It has been three months since the world learned that the NSA’s Signals Intelligence Directorate, through its Tailored Access Operations (TAO) has been deploying backdoors in Cisco, Juniper, Huawei, Dell, and several hard drive manufacturer’s gear. The response from them so far? Weak protestations that [...]http://www.forbes.com/sites/richardstiennon/2014/04/07/why-network-security-vendors-should-stay-away-from-end-point-security-and-vice-versa/
Why Network Security Vendors Should Stay Away From End Point Security, and Vice-VersaThis column first appeared at securitycurrent.com There would be many more successful security companies if their founders and leaders had a better understanding of the IT security space. One fallacy that will not die is the idea that, to grow, a vendor must be a full stack solution. There is no question [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53429867e4b01aa27ac96341Mon, 7 Apr 2014 08:27:00 -04002014-04-07T08:27:00-04:00This column first appeared at securitycurrent.com There would be many more successful security companies if their founders and leaders had a better understanding of the IT security space. One fallacy that will not die is the idea that, to grow, a vendor must be a full stack solution. There is no question [...]http://www.forbes.com/sites/richardstiennon/2014/03/25/tailspin/
How Symantec Can Pull Out Of A Tail SpinThis column first appeared in securitycurrent. It should come as no surprise to anyone that the strategy of Symantec’s recently fired CEO, Steve Bennett, to cut costs and improve operations ,has failed miserably. As I wrote when Symantec's board replaced then CEO Enrique Salem with Bennett, in the IT security industry innovation far [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53314d4fe4b06efaf826ebe1Tue, 25 Mar 2014 05:40:00 -04002014-03-25T05:40:00-04:00This column first appeared in securitycurrent. It should come as no surprise to anyone that the strategy of Symantec’s recently fired CEO, Steve Bennett, to cut costs and improve operations ,has failed miserably. As I wrote when Symantec's board replaced then CEO Enrique Salem with Bennett, in the IT security industry innovation far [...]http://www.forbes.com/sites/richardstiennon/2014/03/23/stem-stinks-for-cybersecurity/
STEM Stinks For CybersecurityI am getting fed up with the clamor on the part of policy makers for more degrees in Science, Technology, Engineering, and Math (STEM) as the path to success in the United States, especially in cybersecurity. The numbers don’t add up, and the problem of not having enough cybersecurity workers [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/532f30cde4b06efaf826e0bdSun, 23 Mar 2014 15:22:00 -04002014-03-23T15:22:00-04:00I am getting fed up with the clamor on the part of policy makers for more degrees in Science, Technology, Engineering, and Math (STEM) as the path to success in the United States, especially in cybersecurity. The numbers don’t add up, and the problem of not having enough cybersecurity workers [...]http://www.forbes.com/sites/richardstiennon/2014/03/04/what-will-a-russia-ukraine-cyberwar-look-like/
What Will A Russia-Ukraine Cyberwar Look Like?The following post appeared in securitycurrent on Monday, March 3. I have added updates to reflect recent events. This playbook has already been written. Peaceful street protests. Government crack down. Russian agitation on behalf of “Russian speakers.” And finally, Russian tanks and war planes settling the matter. Of course I am [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53168c8ae4b0971730663fc1Tue, 4 Mar 2014 21:43:00 -05002014-03-04T21:43:00-05:00The following post appeared in securitycurrent on Monday, March 3. I have added updates to reflect recent events. This playbook has already been written. Peaceful street protests. Government crack down. Russian agitation on behalf of “Russian speakers.” And finally, Russian tanks and war planes settling the matter. Of course I am [...]http://www.forbes.com/sites/richardstiennon/2014/02/19/you-mad-bro-you-will-be-after-watching-these-jacob-applebaum-videos/
You Mad Bro? You Will Be, After Watching These Jacob Applebaum VideosVideoThis post originally appeared on securitycurrent. The reactions to the depth and scope of the NSA’s surveillance apparatus has varied from ho-hum, “that’s their job,” to OMG “it’s the end of the world as we know it!” Somewhere in the middle is the slow-boil rage that is going to transform the [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/53054bafe4b0ba3c471ae9abWed, 19 Feb 2014 19:35:00 -05002014-02-19T19:35:00-05:00VideoThis post originally appeared on securitycurrent. The reactions to the depth and scope of the NSA’s surveillance apparatus has varied from ho-hum, “that’s their job,” to OMG “it’s the end of the world as we know it!” Somewhere in the middle is the slow-boil rage that is going to transform the [...]http://www.forbes.com/sites/richardstiennon/2014/01/28/will-the-leader-of-the-free-world-address-that-world/
Will The Leader Of The Free World Address That World?This column first appeared in securitycurrent. I know it seems archaic to refer to the President of the United States as the “leader of the free world,” especially after 14 years of apparent decline in standing of the United States. Let’s face it, trumped up charges of weapons of mass destruction, [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/52e7ddf8e4b07ff08fb3b353Tue, 28 Jan 2014 11:46:00 -05002014-01-28T11:46:00-05:00This column first appeared in securitycurrent. I know it seems archaic to refer to the President of the United States as the “leader of the free world,” especially after 14 years of apparent decline in standing of the United States. Let’s face it, trumped up charges of weapons of mass destruction, [...]http://www.forbes.com/sites/richardstiennon/2014/01/23/snowden-calls-for-termination-of-unwarranted-surveillance/
Snowden Calls For Termination Of Unwarranted SurveillanceThis post excerpted from securitycurrent. In a live chat hosted by The Courage Foundation Edward Snowden called on the US to stop the mass collection of telephone records by the NSA, authorized under section 215 of the Patriot Act. The Courage Foundation is a trust, audited by accountants Derek Rothera &amp; Company in the UK, [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/52e1992ee4b07ff08fb3910eThu, 23 Jan 2014 17:38:00 -05002014-01-23T17:38:00-05:00This post excerpted from securitycurrent. In a live chat hosted by The Courage Foundation Edward Snowden called on the US to stop the mass collection of telephone records by the NSA, authorized under section 215 of the Patriot Act. The Courage Foundation is a trust, audited by accountants Derek Rothera &amp; Company in the UK, [...]http://www.forbes.com/sites/richardstiennon/2013/11/16/trusted-computing-must-repudiate-the-nsa/
Trusted Computing Must Repudiate The NSA. Updated.Update Dec. 21, 2013: Developments this week support the notion that the NSA is seeking to compromise security systems, especially crypto systems. First, this report from Reuters claims that RSA, the security division of EMC, accepted a $10 million payment to make the flawed random number generator, DUAL_EC_DRBG, its default [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/5287c521e4b0d181e3c409ceSat, 16 Nov 2013 14:25:00 -05002013-11-16T14:25:00-05:00Update Dec. 21, 2013: Developments this week support the notion that the NSA is seeking to compromise security systems, especially crypto systems. First, this report from Reuters claims that RSA, the security division of EMC, accepted a $10 million payment to make the flawed random number generator, DUAL_EC_DRBG, its default [...]http://www.forbes.com/sites/richardstiennon/2013/10/22/will-attestations-solve-the-vendor-trust-problem/
Will Attestations Solve The Vendor Trust Problem?I have written and presented on the great harm that has come from the NSA’s pervasive surveillance programs. How are vendors of network and security products going to re-establish trust with their customers? Those companies that specifically provide surveillance evading technology have been hardest hit. There is no option for them [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/52668f75e4b0c373ef8412bcTue, 22 Oct 2013 11:04:00 -04002013-10-22T11:04:00-04:00I have written and presented on the great harm that has come from the NSA’s pervasive surveillance programs. How are vendors of network and security products going to re-establish trust with their customers? Those companies that specifically provide surveillance evading technology have been hardest hit. There is no option for them [...]http://www.forbes.com/sites/richardstiennon/2013/09/10/nsa-set-to-approve-tpm-for-government-use/
NSA Set To Approve TPM For Government Use Speaking at the Trusted Computing Conference in Orlando Monday afternoon, Debora Plunkett, Director of Information Assurance for the NSA, announced that she is preparing to sign an Information Assurance Advisory that permits the purchase of Trusted Computing components for National Security Systems. This is great news for the small community [...]Richard Stiennon, ContributorRichard Stiennon, Contributorhttp://www.forbes.com/sites/richardstiennon/522f40f8e4b0fd886082df70Tue, 10 Sep 2013 12:08:00 -04002013-09-10T12:08:00-04:00 Speaking at the Trusted Computing Conference in Orlando Monday afternoon, Debora Plunkett, Director of Information Assurance for the NSA, announced that she is preparing to sign an Information Assurance Advisory that permits the purchase of Trusted Computing components for National Security Systems. This is great news for the small community [...]